Steffen Kaiser wrote on 27-11-2013 17:48:
> On Wed, 27 Nov 2013, Benny Pedersen wrote:
>> Roger Berger wrote on 2013-11-27 11:41:
>>> If I understand right it is not possible to use system
>>> and virtual users together.
>> incorrect it is, see here http://wiki2.dovecot.org/VirtualUsers part
>> of usernames and domains
>> it's all about dovecot auth how it's configured, if you want both
>> system and virtual users make sure system users get domain stripped
>> in auth
> in addition to Benny's remark, you can also override the username,
> e.g. system users may auth without domain, but passdb/userdb return
> the user with domain. Then you can have all users as virtual user/domain.
> But probably using two userdb's is easier to maintain.
> -- Steffen Kaiser
Here is my dovecot -n:
root@mail:/usr/local/etc/dovecot/conf.d # dovecot -n
# 2.2.6: /usr/local/etc/dovecot/dovecot.conf
# OS: FreeBSD 9.2-RELEASE amd64
auth_default_realm = mail.nedport.net
auth_mechanisms = plain login
auth_realms = mail.nedport.net nedport.net
disable_plaintext_auth = no
first_valid_gid = 500
hostname = mail.nedport.net
lda_mailbox_autocreate = yes
mail_gid = 5000
mail_location = maildir:~/
mail_plugins = quota expire mail_log notify
mail_temp_dir = /var/tmp
mail_uid = 5000
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  expire = Trash
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size
  quota = maildir:User quota
  quota_exceeded_message = Storage quota for this account has been exceeded, please try again later.
  quota_rule = *:storage=1G
  quota_rule2 = Trash:storage=+30%%
  quota_rule3 = Sent:storage=+30%%
  quota_warning = storage=90%% quota-warning 90 %u
  quota_warning2 = storage=75%% quota-warning 75 %u
}
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
postmaster_address = postmas...@nedport.net
sendmail_path = /usr/local/sbin/sendmail
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
  unix_listener auth-userdb {
    group = vmail
    mode = 0600
    user = vmail
  }
}
service quota-warning {
  executable = script /usr/local/bin/quota-warning.sh
  unix_listener quota-warning {
    user = vmail
  }
  user = vmail
}
ssl = no
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
  driver = prefetch
}
userdb {
  args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
protocol imap {
  mail_max_userip_connections = 3
  mail_plugins = quota expire mail_log notify imap_quota imap_zlib
}
protocol pop3 {
  mail_max_userip_connections = 3
}
I've been thinking about this and I want to put all system users in the
database using the provided tools from postfixadmin and then sync the
mail using imapsync.
In that case domain admins can handle their own mailboxes using
postfixadmin.
In that case I have all users as virtual users, but they have to be able
to log in with only their username.
That means new users should log in by using their complete email address
and old users as username or email address.
so:
old user: i...@domain1.com user: info can log in as info or i...@domain1.com
old user: i...@domain2.com user: info.ltd can log in as info.ltd or i...@domain2.com
new user: i...@domain3.com can log in only as i...@domain3.com
if the new user tries to log in as info he gets a password failure
Is this possible and correct?
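
The login policy asked about in the message above, modelled as an added example that is not part of the thread and is not Dovecot's own code: a bare legacy name or a full address resolves to one canonical user@domain, which is what a passdb username override would return. Assumptions: the legacy_login column is hypothetical, the addresses and passwords are constructed sample data, and PBKDF2 stands in for whatever password scheme the real database uses.

```python
import hashlib
import hmac
import sqlite3

DEFAULT_REALM = "mail.nedport.net"  # auth_default_realm in the dovecot -n output


def pw_hash(password: str, salt: bytes = b"constructed-salt") -> bytes:
    # Fixed salt only so the sample is reproducible; use per-user salts in practice.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000)


def make_db() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    # legacy_login is a hypothetical column; UNIQUE keeps a bare name from
    # ever mapping to two mailboxes (NULL values are exempt from UNIQUE).
    db.execute("CREATE TABLE mailbox (username TEXT PRIMARY KEY,"
               " legacy_login TEXT UNIQUE, password BLOB NOT NULL)")
    db.executemany("INSERT INTO mailbox VALUES (?, ?, ?)", [
        ("info@domain1.example", "info", pw_hash("old-1")),      # old user
        ("info@domain2.example", "info.ltd", pw_hash("old-2")),  # old user
        ("info@domain3.example", None, pw_hash("new-3")),        # new user
    ])
    return db


def authenticate(db: sqlite3.Connection, login: str, password: str):
    """Return the canonical user@domain on success, None on failure."""
    login = login.lower()
    # A login without a domain gets the default realm appended, so the
    # legacy lookup is only tried when the domain part is that realm.
    if "@" not in login:
        login = f"{login}@{DEFAULT_REALM}"
    local, _, domain = login.partition("@")
    row = db.execute(
        "SELECT username, password FROM mailbox"
        " WHERE username = ? OR (? = ? AND legacy_login = ?)",
        (login, domain, DEFAULT_REALM, local)).fetchone()
    if row is None:
        pw_hash(password)  # do the same hashing work for unknown logins
        return None
    username, stored = row
    # Constant-time comparison of the stored and computed hashes.
    return username if hmac.compare_digest(stored, pw_hash(password)) else None
```

A new user who types the bare name "info" is checked against the old user's password and fails, because the bare name belongs to exactly one mailbox.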